Title | Security Chaos Engineering for Cloud Services: Work In Progress |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Torkura, Kennedy A., Sukmana, Muhammad I.H., Cheng, Feng, Meinel, Christoph |
Conference Name | 2019 IEEE 18th International Symposium on Network Computing and Applications (NCA) |
Date Published | sep |
Keywords | chaos, cloud computing, cloud computing security, cloud infrastructure, cloud security system, cloud services, Cloud-Security, CloudStrike, composability, Fault tolerance, Fault tolerant systems, Human Errors, Intrusion detection, intrusion tolerance, nonsecurity failures, pubcrawl, Resiliency, Resilient Architectures, security breaches, security chaos engineering, security models, security of data, security risk assessment, software fault tolerance, Testing, traditional security paradigms |
Abstract | The majority of security breaches in cloud infrastructure in recent years are caused by human errors and misconfigured resources. Novel security models are imperative to overcome these issues. Such models must be customer-centric, continuous, not focused on traditional security paradigms like intrusion detection and adopt proactive techniques. Thus, this paper proposes CloudStrike, a cloud security system that implements the principles of Chaos Engineering to enable the aforementioned properties. Chaos Engineering is an emerging discipline employed to prevent non-security failures in cloud infrastructure via Fault Injection Testing techniques. CloudStrike employs similar techniques with a focus on injecting failures that impact security i.e. integrity, confidentiality and availability. Essentially, CloudStrike leverages the relationship between dependability and security models. Preliminary experiments provide insightful and prospective results. |
DOI | 10.1109/NCA.2019.8935046 |
Citation Key | torkura_security_2019 |